CVE-2025-6078 Information

Description

Partner Software’s Partner Software application and Partner Web application allows an authenticated user to add notes on the ‘Notes’ page when viewing a job but does not completely sanitize input making it possible to add notes with HTML tags and JavaScript enabling an attacker to add a note containing malicious JavaScript leading to stored XSS (cross-site scripting).

Reference

https://partnersoftware.com/resources/software-release-info-4-32/

Related CNNVD

CNNVD-202508-122 (Published: 2025-08-02)